i need some explantations about exploits

[hans8]

hello, i have some questions on which i could not find answers, so i decided to ask here. I must say that i'm quite new in backtrack. Here is my question...every tutorial, every post and every video which i have looked about penetrating is about sm08_067_netapi, but if i understod good enough, it is just for computers that are in same network (every RHOST address is 192.168.1......), i'm interested about, which exploit should be used to penetrait in system which is not in our network???? I'm not sure that i asked propertly what i want to know...some tutorials would be useful or some recomandation what should i look for....thank you

[neno64]

Well, considering the fact that most "exploits" are done first once gaining access to the network, I'm really failing to understand what it is you're trying to do.

However, if -say- you're trying test your firewall capability, you can easily try throwing commands at your IP address using a tunnel on various open ports. The idea is you want to try to figure out what it is the network is running, as many programs use specific ports and usually admins fail to use non-standard ones.

A good place to start, especially if you're running apache servers and such, is to constantly check for security holes in the updates for those products. Rule of thumb is to not necessarily stay up to date, but use stable builds.

I'm being quite vague in my post, I realize, but these are things that are easily looked up and are generally specific to a network.

[lupin]

If only someone had written a HowTo on how exploits work....

Your question also contains an unstated assumption that makes me think you would also benefit from brushing up on your TCP/IP-fu. TCP/IP Illustrated or the Cisco CCNA Study Guide are both excellent references.

I should also mention that your interest in penetration of systems outside of your own network might take this thread on a detour to "ban county", so lets ensure we keep the discussion focused on systems that we have permission to access.

[thorin]

Along with TCP/IP Illustrated or the CNA Study guide you should probably also brush up on RFC 1918 and do some reading about ms08_067_netapi. Then you should realize of course that there is no big read "h4x0r 1t n0wz!" button and that actually exploiting a system requires that you have at least some knowledge of the relevant services and vulnerabilities.

If you didn't know how to swim would you climb up on the high tower and dive into the deep end of the pool? Because that's basically what you're attempting to do here....

[micole]

Then you should realize of course that there is no big read "h4x0r 1t n0wz!" button and that actually exploiting a system requires that you have at least some knowledge of the relevant services and vulnerabilities.....

I still want one of those "H4x0r 17 n0wz!" buttons... Wanna make a script for it?

If you didn't know how to swim would you climb up on the high tower and dive into the deep end of the pool? Because that's basically what you're attempting to do here....

I would only jump if there were lifeguards... But, for your analogy it would be like jumping into a pool of acid without a hazmat suit in space where no one can hear you scream, but the government can still throw you in jail

[whitelisted]

But, for your analogy it would be like jumping into a pool of acid without a hazmat suit in space where no one can hear you scream, but the government can still throw you in jail

nah, it's definitely not the same as jumping into a pool of acid: he's already said the computers are outside of his network, so I'd say it's more like throwing someone else into a pool of acid.